Ah - my apologies. Somehow a line seems to have been deleted from the
file. The bundle should clearly begin with a promise type
reports:
but it has gone missing. Attached file.
Juergen Prusseit wrote:
> same errors after fresh install
> environment: fresh vm (debian/lenny) without everything regarding cf
>
> install commands:
>
> tar xvfz cfengine-2.2.9.tar.gz
> cd cfengine-2.2.9
> sh configure
> make
> cd src/.libs/
> cp libcfengine.a /usr/local/lib/libcfengine.a
> ldconfig
>
> tar xvfz cfengine-3.0.0p1.tar.gz
> cd cfengine-3.0.0p1
> sh configure
> make
> make install
> cd inputs/
> cp failsafe.cf library.cf promises.cf site.cf update.cf
> /var/cfengine/inputs/
>
> cf-promises
> --> same errors
>
> any ideas ?
>
> Kind Regards
> Jürgen Prusseit
>
>
>
> [email protected] schrieb am 08.01.2009
> 14:20:37:
>
>> These work out of the box. My guess is that you might have an old beta
>> version of cf-promises lying on the system that did not have this part
>> of the syntax implemented. Try to clean out everything and make sure
>>
>> WORKDIR/bin/cf-promises is up to date
>>
>> M
>
>
> _______________________________________________
> Bug-cfengine mailing list
> [email protected]
> https://cfengine.org/mailman/listinfo/bug-cfengine
--
Mark Burgess
-------------------------------------------------
Professor of Network and System Administration
Oslo University College, Norway
Personal Web: http://www.iu.hio.no/~mark
Office Telf : +47 22453272
-------------------------------------------------
#######################################################
#
# Site specific promises
#
#######################################################
bundle common g
{
vars:
SuSE::
"crontab" string => "/var/spool/cron/tabs/root";
!SuSE::
"crontab" string => "/var/spool/cron/crontabs/root";
}
#######################################################
# Start with cfengine itself
#######################################################
bundle agent cfengine
{
classes:
"integrate_cfengine2"
and => {
fileexists("$(sys.workdir)/inputs/cfagent.conf"),
fileexists("$(sys.workdir)/bin/cfagent")
};
vars:
"cf2bits" slist => { "cfenvd", "cfservd", "cfexecd" };
commands:
integrate_cfengine2::
"$(sys.workdir)/bin/cfagent"
action => longjob;
files:
# Warn about rules relating to cfengine 2 in inputs - could conflict
"$(sys.workdir)/inputs/.*"
comment => "Check if there are still promises about cfengine 2 that
need removing",
edit_line => DeleteLinesMatching(".*$(cf2bits).*"),
file_select => OldCf2Files,
action => WarnOnly;
# Check cf-execd and schedule is in crontab
"$(g.crontab)"
edit_line => upgrade_cfexecd;
processes:
exec_fix::
"cron" signals => { "hup" };
}
#######################################################
# General site issues can be in bundles like this one
#######################################################
bundle agent main
{
vars:
"component" slist => { "cf-monitord", "cf-serverd" };
# - - - - - - - - - - - - - - - - - - - - - - - -
files:
"$(sys.resolv)" # test on "/tmp/resolv.conf" #
create => "true",
edit_line => resolver,
edit_defaults => def;
# Uncomment this to perform a change-detection scan
# "/usr"
# changes => lay_trip_wire,
# depth_search => recurse("inf"),
# action => measure;
processes:
"cfenvd" signals => { "term" };
# Uncomment this when you are ready to upgrade the server
#
# "cfservd" signals => { "term" };
#
# Now make sure the new parts are running, cf-serverd will fail if
# the old server is still running
"$(component)" restart_class => canonify("start_$(component)");
# - - - - - - - - - - - - - - - - - - - - - - - -
commands:
"$(sys.workdir)/bin/$(component)"
ifvarclass => canonify("start_$(component)");
}
#######################################################
# Garbage collection issues
#######################################################
bundle agent garbage_collection
{
files:
"$(sys.workdir)/outputs"
delete => tidy,
file_select => days_old("3"),
depth_search => recurse("inf");
}
###########################################################
body file_select OldCf2Files
{
leaf_name => {
"promises.cf",
"site.cf",
"library.cf",
"failsafe.cf",
".*.txt",
".*.html",
".*~",
"#.*"
};
file_result => "!leaf_name";
}
###########################################################
body action measure
{
measurement_class => "Detect Changes in /usr";
ifelapsed => "240";
expireafter => "240";
}
#######################################################
# Anomaly monitoring
#######################################################
bundle agent anomalies
{
reports:
rootprocs_high_dev2::
"RootProc anomaly high 2 dev on $(sys.host) at $(sys.env_time)
measured value $(sys.value_rootprocs) av $(sys.average_rootprocs) pm
$(sys.stddev_rootprocs)"
showstate => { "rootprocs" };
entropy_www_in_high&anomaly_hosts.www_in_high_anomaly::
"HIGH ENTROPY Incoming www anomaly high anomaly dev!! on $(sys.host) at
$(sys.env_time)
- measured value $(sys.value_www_in) av $(sys.average_www_in) pm
$(sys.stddev_www_in)"
showstate => { "incoming.www" };
entropy_www_in_low.anomaly_hosts.www_in_high_anomaly::
"LOW ENTROPY Incoming www anomaly high anomaly dev!! on $(sys.host) at
$(sys.env_time)
- measured value $(svalue_www_in) av $(average_www_in) pm $(stddev_www_in)"
showstate => { "incoming.www" };
entropy_tcpsyn_in_low.anomaly_hosts.tcpsyn_in_high_dev2::
"Anomalous number of new TCP connections on $(sys.host) at $(sys.env_time)
- measured value $(sys.value_tcpsyn_in) av $(sys.average_tcpsyn_in) pm
$(sys.stddev_tcpsyn_in)"
showstate => { "incoming.tcpsyn" };
entropy_dns_in_low.anomaly_hosts.dns_in_high_anomaly::
"Anomalous (3dev) incoming DNS packets on $(sys.host) at $(sys.env_time)
- measured value $(sys.value_dns_in) av $(average_dns_in) pm
$(sys.stddev_dns_in)"
showstate => { "incoming.dns" };
entropy_dns_in_low.anomaly_hosts.udp_in_high_dev2::
"Anomalous (2dev) incoming (non-DNS) UDP traffic on $(sys.host) at
$(sys.env_time)
- measured value $(sys.value_udp_in) av $(sys.average_udp_in) pm
$(sys.stddev_udp_in)"
showstate => { "incoming.udp" };
anomaly_hosts.icmp_in_high_anomaly.!entropy_icmp_in_high::
"Anomalous low entropy (3dev) incoming ICMP traffic on $(sys.host) at
$(sys.env_time)
- measured value $(sys.value_icmp_in) av $(sys.average_icmp_in) pm
$(sys.stddev_icmp_in)"
showstate => { "incoming.icmp" };
}
#######################################################
# Server configuration
#######################################################
bundle server access_rules()
{
access:
"/home/mark/LapTop"
admit => { "127.0.0.1" };
"/home/mark/.cfagent/bin/cf-agent"
admit => { "127.0.0.1" };
roles:
".*" authorize => { "mark" };
}
_______________________________________________
Bug-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/bug-cfengine
